Comment by jefftk
5 years ago
For example, if someone manages to upload HTML and trick your system into serving it with a content type that browsers will interpret as HTML, then they can modify or exfiltrate your user's cookies. This could allow impersonation attacks, XSS, etc.
(Disclosure: I work for Google, speaking only for myself)
No comments yet
Contribute on Hacker News ↗